All posts by alvi

What Is Regulatory Compliance?

The best route to understanding what regulatory compliance means is to go the root of the expression, which is clear. Compliance is described as a state of being in accordance with set regulations. So, regulatory compliance is simple -it is being compliant with regulations. Let us explore what kind of compliance is required, and what regulation are we talking about.

Regulatory compliance is an ocean:

In a broad sense, regulatory compliance is something whose depths can perhaps never be fathomed. This is so because everything -meaning quite literally everything from a pin to an airplane -needs some or another kind of compliance. Any product, from the smallest to the biggest, has to be compliant with regulatory requirements. What is it that makes regulatory compliance such a big thing, who frames rules and laws relating to regulation, and why is it so important?

Why is regulation needed?

This is as simple as why rules are needed for governing people. Every product from every field in the physical world, to quote the example given above again, from pin to an airplane, is manufactured and finessed according to set standards. These standards are needed because in their absence, there is no such thing as science in them. Science is all about exactness, logic and predictability.

In the absence of regulatory compliance, this very foundation is shaken. In other words, there is no product without regulatory compliance. All products have to go through demonstrable, deducible and reproducible processes. This is what makes them actual products. Or else, they would be some kind of spiritual experiment that is left to the individual to experience.

Regulation is at the heart of products and processes:

Any product that is manufactured, no matter to which field it belongs, has to undergo a clearly demonstrable process. The process has to be objective, and it must be open to changes and refutations. Only a product that convincingly demonstrates that it is capable of producing its desired effect time and again in any situation and at any point of time qualifies to be a process-oriented product. Regulations are all about making setting out specifications for these.

Further, if a product is to demonstrate its core quality, it has to also ensure that it is safe within prescribed limits. Who sets these prescribed limits? It is regulatory authorities again. So, regulatory compliance is all about ensuring that a product is just what it is and that it serves its intended use within set safety parameters.

Regulatory compliance and non-manufactured products:

Compliance is thus an area that is as vast as it is exact. Respective regulatory bodies exist in different countries at different levels to ensure that anything that is produced meets regulatory compliance standards. Having said this, we have to bear in mind that only manufactured products are subject to these hairsplitting, high-definition regulations. For instance, rice is produced, but is not manufactured.

Safety and intended use are the prime factors:

This is different from the case of say, medicines. All the processes, right from the ingredient stage, are precise and scientific. This is where we have to understand how regulatory compliance works. Eventually, the aim is to ascertain and ensure safety and intended use. Compliance is also needed to make sure that organizations making products are come out with safe products.

Guide to the Electrical Equipment Safety System (EESS) and the Regulatory Compliance Mark (RCM)

Like all regulatory compliance regimes the EESS has both an administrative part and a technical part. The EESS also builds on the current arrangements modifying them and adding to them. If you are a retailer, supplier, manufacturer or importer then you must understand and apply the EESS where required.

The responsibility for the EESS is with the Electrical Regulatory Authorities Council (ERAC) who is responsible for electrical safety across Australia and New Zealand. ERAC has introduced a model legislation which has been implemented in the relevant legislation of Australian States and territories and New Zealand. The aim of the EESS is to create a harmonized legislative environment for electrical equipment safety.

The EESS is based on:

Harmonized electrical safety legislation;

Uniform Equipment Safety Rules;

Australian and New Zealand Standards;

International standards.

Who must comply?

Responsible suppliers must comply. Definition of a “responsible supplier”:

A person who manufactures the electrical equipment in, or imports the equipment into Australia; or

if New Zealand is a participating jurisdiction, a person who manufactures the equipment in, or imports the electrical equipment into, New Zealand.

What equipment must comply?

In-scope equipment must comply. The meaning of in-scope:

It is low voltage electrical equipment that is designed, or marketed as suitable, for household, personal or similar use.

It is immaterial whether the low voltage equipment is also designed or marketed to be used for commercial or industrial purposes.

Note: Low voltage electrical equipment that is rated at:

Greater than 50 V AC RMS or 120V ripple-free DC (extra-low voltage) and

Less than 1000V AC RMS or 1500V ripple-free DC (high voltage)

What about electrical equipment that is not “in-scope”?

Electrical equipment that is not in-scope electrical equipment (for example, a commercial oven in a bakery) still needs to be electrically safe. The designer, manufacturer or importer is obligated to ensure the product is tested and examined to be electrically safe, which is generally shown by compliance with the safety criteria of AS/NZS 3820 Essential safety requirements for electrical equipment.

Also the Work Health and Safety regulations enacted by each state and territory and the Electrical Safety Installation Regulations of each state and territory apply. Guidance is given in the codes of practice that support the legislation. Relevant Australian standards include AS60204.1: Safety of machinery – Electrical equipment of machines.

So does the EESS apply to commercial and industrial electrical equipment designed or marketed exclusively for these environments? No. Does electrical safety legislation and other legislation, regulations and codes of practice apply to the equipment? Yes.

In general Australia is a highly regulated environment and suppliers to the Australian market must inform themselves of the applicable legislation and standards or risk fines and product recalls.

The Levels

The in-scope electrical equipment is classified in one of three levels under the EESS dependent on a risk assessment conducted by ERAC.

Level 1

Equipment classified as Level 1 is potentially low risk.

Before Level 1 equipment can be offered for sale, Responsible Suppliers must:

Ensure that the equipment is electrically safe and it meets the relevant standard(s). Note that reports and technical information to other than Australian and New Zealand standards may be used to demonstrate compliance with the applicable standard(s).

Mark the equipment with the applicable compliance mark. This is the Regulatory Compliance Mark (RCM).

Level 1 equipment is not registered on the National Database but Responsible Suppliers of Level 1 equipment must register on the database. So not the equipment per se but the fact that you are a supplier of electrical equipment.

Level 2

Level 2 electrical equipment is classified as a potential medium risk level.

Before Level 2 equipment can be offered for sale Responsible Suppliers must:

Register the item of electrical equipment on the National Database and link it to a registered Responsible Supplier

Compile and hold or have access to a Compliance Folder. The Compliance Folder contains reports and information demonstrating that the equipment complies with the regulations and the applicable standard(s). Note that reports and technical information to other than Australian and New Zealand standards may be used to demonstrate compliance with the applicable standard(s). The Compliance Folder must either be uploaded to the National Database or the address where the Compliance Folder is kept must be recorded on the National Database.

Mark the equipment with the applicable compliance mark. This is the Regulatory Compliance Mark (RCM).

Level 3

Level 3 electrical equipment is classified as a potential high risk.

Before Level 3 equipment can be offered for sale Responsible Suppliers must:

Register the item of electrical equipment on the National Database and link it to a registered Responsible Supplier

Have a valid and current Certificate of Conformity from a recognized certifier; and,

Mark the equipment with the applicable compliance mark. This is the Regulatory Compliance Mark (RCM).

Note that reports to IEC or similar standards may be used to demonstrate compliance with the applicable standard(s) and so satisfy the requirements of the EESS. When using these reports supplementary technical justification may be used to demonstrate compliance with the Applicable Australian standards.

The applicable standards

For level 1 equipment AS/NZS 3820 (Essential safety requirements for electrical equipment applies). This standard and the applicable Australian and New Zealand standard (AS/NZS) applies. If there is not an AS/NZS standard the applicable International Electrotechnical Commission’s (IEC) standard applies with AS/NZS 3820. If there is no applicable AS/NZS or IEC standard then AS/NZS 3820 applies by itself.

For level 2 or 3 equipment the relevant standard as shown in AS/NZS 4417 (Marking of electrical product to indicate compliance with regulations) applies or the standard that is accepted by a Regulatory Authority as a standard that can be readily applied to that type of equipment.

Note, equipment tested to other standards, most commonly IEC standards, may be supplemented by additional assessment and the equipment found to be compliant with the applicable AS/NZS standard, including AS/NZS 3820, AS/NZS 4417 or that standard accepted by a Regulatory Authority (Australian state or territory or New Zealand government agency).

The Compliance Folder

The Compliance Folder contains all the supporting documentation confirming that the equipment meets all of the relevant standard(s). The reports in the Compliance Folder must be completed by an approved testing entity or a suitably qualified person.

Impact of Regulatory Compliance in Leveraging Mobile Solutions to Enterprises

Major corporations like retail, healthcare, insurance, banking and others have an evolving set of regulatory compliance guidelines which should never be breached by a human or a software application. But with times, mobility has become the integral part of these industries and care should be taken that this new technology will not have an adverse effect on the regulations.

Regulations framed for major corporations are fragile enough to be affected by the mobile technology solutions and care must be taken that these regulatory compliances should never be breached by the leveraged mobile solutions into the enterprise. The proliferation of the mobile devices especially the tablets and Smartphones have offered tremendous fortuity in terms of customer connectivity, financial transactions, remote healthcare services and mobile banking and regulatory compliance is framed to ensure data security and integrity in the industries that carry acute information about individuals like in case of hospitals, banks, insurance and others.

So when a mobile solution is under the making, there is a potential threat of the regulated data being carried into uncontrolled expanse. A mobile enterprise professional will be able to evaluate the data security regulations and will be able to relate those clauses that are specific to your business vertical. After analyzing this aspect, the consultant will be able to fish out those regulations that would pose a threat with respect to the mobile devices. Keeping the sensitive compliances as a parameter while framing a mobility solution would present the enterprise mobility partners with those challenges that would typically brainstorm the developers. However, in many cases the project will serve its purpose and the business client can carry on his ventures in terms of customer acquisition and other influencing business strategy.

Financial Institutes and Mobile Security:

Financial organizations like banks, insurance companies are all guided by a set of rules and regulations in terms of disclosing identity, passwords etc. The mobile experience in this niche should be in such a way that it can augment security to the transaction channel. Care must be taken that the deployed mobile application should be immune to phishing, SMS-phishing and any other security breaching malware threats. Any mobile development for a financial institution that is weak and buggy will have a negative impact on the business and the brand. This could also be punishable under law or the customers could impose fine on the firm. In order to keep the business model immune to these harsh effects, a proper mobile technology planning is required that would align the business perspective with the regulatory compliance.

Mobile health information technology:

Healthcare industry is obviously the most sensitive corporation when it comes to data management and security. This service industry has a lot of compliance imposing standards like HIPAA, FDA, HL7 and others. In order to keep up with the ever changing regulations of the healthcare system, mobile related improvements have to be constructed in a way that it compiles to the changing scenarios of the healthcare interoperability standards. This is the most challenging task for the mobility enterprise consultants as they have to keep up with the changing clauses and specifications in terms of technology.